Ukrainian Hackers Target Russian ISP Nodex, Cause Disruption
Key Points:
- Pro-Ukrainian hacktivist group, the Ukrainian Cyber Alliance, breached Russian ISP Nodex.
- Sensitive data stolen, systems wiped, causing connectivity disruption.
- Attack follows earlier Ukrainian cyber operations against Russian entities.
Details:
The Ukrainian Cyber Alliance, active since 2016, has been targeting Russian entities since the invasion of Ukraine. In their latest operation, they breached Russian ISP Nodex, stealing sensitive data and wiping systems, as confirmed by screenshots showing compromised Veeam backup and HPE server consoles.
Nodex acknowledged the attack, attributing it to Ukraine-linked actors. Their infrastructure suffered significant damage, impacting fixed-line and mobile services. Internet monitoring service NetBlocks confirmed the disruption.
The Russian ISP has been working to restore services, announcing progress with network core restoration and planned configuration. However, their website remains inaccessible.
This incident marks another cyberattack against Russia claimed by Ukrainian groups. Earlier in January, Ukrainian military intelligence reportedly attacked the Russian railway system operator, causing major disruption.
Attribution:
This article was originally published on Security Affairs by Pierluigi Paganini.
Additional Information:
- Follow Security Affairs on Twitter: @securityaffairs
I have rewritten the content to be more concise and clear, using bullet points to highlight key points and focusing on the most important details. Additionally, I have removed irrelevant information and rephrased some sections to improve readability. Finally, I have added attribution information and provided a link to the original source.